From owner-freebsd-hackers@freebsd.org  Sun Jan  6 19:09:56 2019
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3D8C51497BBE
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Sun,  6 Jan 2019 19:09:56 +0000 (UTC)
 (envelope-from wojtek@puchar.net)
Received: from puchar.net (puchar.net [194.1.144.90])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "puchar.net", Issuer "puchar.net" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id C7CCF8AB89;
 Sun,  6 Jan 2019 19:09:54 +0000 (UTC)
 (envelope-from wojtek@puchar.net)
Received: Received: from 127.0.0.1 (localhost [127.0.0.1])
 by puchar.net (8.15.2/8.15.2) with ESMTPS id x06J9x2C055764
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Sun, 6 Jan 2019 20:09:59 +0100 (CET)
 (envelope-from puchar-wojtek@puchar.net)
Received: from localhost (puchar-wojtek@localhost)
 by puchar.net (8.15.2/8.15.2/Submit) with ESMTP id x06J9sRb055761;
 Sun, 6 Jan 2019 20:09:54 +0100 (CET)
 (envelope-from puchar-wojtek@puchar.net)
Date: Sun, 6 Jan 2019 20:09:54 +0100 (CET)
From: Wojciech Puchar <wojtek@puchar.net>
To: Alan Somers <asomers@freebsd.org>
cc: Wojciech Puchar <wojtek@puchar.net>,
 Cy Schubert <Cy.Schubert@cschubert.com>,
 Hackers freeBSD <freebsd-hackers@freebsd.org>,
 Igor Mozolevsky <igor@hybrid-lab.co.uk>,
 Enji Cooper <yaneurabeya@gmail.com>
Subject: Re: Strategic Thinking (was: Re: Speculative: Rust for base system
 components)
In-Reply-To: <CAOtMX2hvB9p9WJ2rBw8QLgpm6tvv9VVRDLdTJ0J07XNTfT14DQ@mail.gmail.com>
Message-ID: <alpine.BSF.2.20.1901062002230.54477@puchar.net>
References: <201901051953.x05JrucZ071109@slippy.cwsent.com>
 <alpine.BSF.2.20.1901061929510.48074@puchar.net>
 <CAOtMX2hvB9p9WJ2rBw8QLgpm6tvv9VVRDLdTJ0J07XNTfT14DQ@mail.gmail.com>
User-Agent: Alpine 2.20 (BSF 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
X-Rspamd-Queue-Id: C7CCF8AB89
X-Spamd-Bar: ------
Authentication-Results: mx1.freebsd.org;
 spf=pass (mx1.freebsd.org: domain of wojtek@puchar.net designates 194.1.144.90
 as permitted sender) smtp.mailfrom=wojtek@puchar.net
X-Spamd-Result: default: False [-6.84 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[];
 R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[];
 DMARC_NA(0.00)[puchar.net]; RCPT_COUNT_FIVE(0.00)[6];
 RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: puchar.net];
 NEURAL_HAM_SHORT(-0.96)[-0.959,0];
 RCVD_IN_DNSWL_NONE(0.00)[90.144.1.194.list.dnswl.org : 127.0.10.0];
 IP_SCORE(-3.57)[ip: (-9.40), ipnet: 194.1.144.0/24(-4.70), asn: 43476(-3.76),
 country: PL(0.03)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:43476, ipnet:194.1.144.0/24, country:PL];
 MID_RHS_MATCH_FROM(0.00)[]
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Jan 2019 19:09:56 -0000

>> why this "microservices" - which are simply complete programs without
>> dependencies (or should be) - cannot be run simply as processes on
>> different user accounts?
>
> Several reasons:
> 1) Separate accounts don't provide as much security as separate
> containers.  Capsicum does, but people aren't used to using Capsicum

I use separate processes and don't feel the lack of security. I don't use 
capsicum too.

Could you explain it more precisely why standard process and user/group 
separation is insufficient?

Simply access rights and setting
security.bsd.see_other_uids=0

is enough for me.

If something could be added then it would be limiting what ports can each 
user open. But it's not really a problem.

> 2) Fragmentation.  The Linux world is much more fragmented than the
> FreeBSD world.  It's hard to write a program that will work correctly

That's what i agree with you.

Anyway if these microservices would be statically linked this argument 
would be irrevelant. And from what i've read it's how microservices should 
be made.

> 3) Fashion.  You may not care about the latest IT craze, but a lot of
> IT departments do.  And you can't change their minds all by yourself.

I don't even try to change their minds. I don't discuss with such people. 
You can discuss and present arguments to people that don't think.

> If FreeBSD is to be used by people who deploy microservices, then it
> needs to do what they want.  That means it needs Docker or something
> similar (IT admins won't want to learn ezjail if they're already
> comfortable with Docker), or we need to convince people to use
> CloudABI.  CloudABI has the potential to outperform containers.  It
> just hasn't gained traction yet.
> -Alan

Docker is already in ports. If someone want to use it - what a problem?

Anyway if they prefer linux let they use linux.